Commit 18e1b742f9f1212553dbc7af84a0e0ab88bc524a - libhtp

New upstream version 0.5.36 Sascha Steinbiss 3 years ago

4 changed file(s) with 32 addition(s) and 35 deletion(s). Raw diff Collapse all Expand all

-0

ChangeLog less more

	0	0.5.36 (3 December 2020)
	1	------------------------
	2
	3	- fix a http pipelining issue (#304, fixed by #312)
	4
0	5	0.5.35 (8 October 2020)
	6	-----------------------
1	7
2	8	- fix memory leak in tunnel traffoc
3	9

-1

VERSION less more

0	0	# This file is intended to be sourced by sh
1		PKG_VERSION=0.5.35
	1	PKG_VERSION=0.5.36

+24

-33

htp/htp_request.c less more

842	842	}
843	843	if (connp->in_next_byte != LF \|\| connp->in_current_consume_offset >= connp->in_current_read_offset) {
844	844	for (;;) {//;i < max_read; i++) {
845		IN_COPY_BYTE_OR_RETURN(connp);
846		// Have we reached the end of the line? For some reason
847		// we can't test after IN_COPY_BYTE_OR_RETURN */
	845	// peek until LF but do not mark it read so that REQ_LINE works
	846	IN_PEEK_NEXT(connp);
848	847	if (connp->in_next_byte == LF)
849	848	break;
	849	IN_COPY_BYTE_OR_RETURN(connp);
850	850	}
851	851	}
852	852	}

876	876	while ((pos < len) && (!htp_is_space(data[pos])))
877	877	pos++;
878	878
879		if (pos <= mstart) {
880		//empty whitespace line
881		htp_status_t rc = htp_tx_req_process_body_data_ex(connp->in_tx, data, len);
882		htp_connp_req_clear_buffer(connp);
883		return rc;
884		} else {
	879	if (pos > mstart) {
	880	//non empty whitespace line
885	881	int methodi = HTP_M_UNKNOWN;
886	882	bstr *method = bstr_dup_mem(data + mstart, pos - mstart);
887	883	if (method) {
888	884	methodi = htp_convert_method_to_number(method);
889	885	bstr_free(method);
890	886	}
891		if (methodi == HTP_M_UNKNOWN) {
892		if (connp->in_body_data_left <= 0) {
893		// log only once per transaction
894		htp_log(connp, HTP_LOG_MARK, HTP_LOG_WARNING, 0, "Unexpected request body");
895		} else {
896		connp->in_body_data_left = 1;
897		}
898		// Interpret remaining bytes as body data
899		htp_status_t rc = htp_tx_req_process_body_data_ex(connp->in_tx, data, len);
900		htp_connp_req_clear_buffer(connp);
901		return rc;
	887	if (methodi != HTP_M_UNKNOWN) {
	888	connp->in_body_data_left = -1;
	889	return htp_tx_state_request_complete(connp->in_tx);
902	890	} // else continue
903		connp->in_body_data_left = -1;
904		}
905		//unread last end of line so that REQ_LINE works
906		if (connp->in_current_read_offset < (int64_t)len) {
907		connp->in_current_read_offset=0;
908		} else {
909		connp->in_current_read_offset-=len;
910		}
911		if (connp->in_current_read_offset < connp->in_current_consume_offset) {
912		connp->in_current_consume_offset=connp->in_current_read_offset;
913		}
914
915		return htp_tx_state_request_complete(connp->in_tx);
	891	if (connp->in_body_data_left <= 0) {
	892	// log only once per transaction
	893	htp_log(connp, HTP_LOG_MARK, HTP_LOG_WARNING, 0, "Unexpected request body");
	894	} else {
	895	connp->in_body_data_left = 1;
	896	}
	897	}
	898	//Adds linefeed to the buffer if there was one
	899	if (connp->in_next_byte == LF) {
	900	IN_COPY_BYTE_OR_RETURN(connp);
	901	htp_connp_req_consolidate_data(connp, &data, &len);
	902	}
	903	// Interpret remaining bytes as body data
	904	htp_status_t rc = htp_tx_req_process_body_data_ex(connp->in_tx, data, len);
	905	htp_connp_req_clear_buffer(connp);
	906	return rc;
916	907	}
917	908
918	909	htp_status_t htp_connp_REQ_IGNORE_DATA_AFTER_HTTP_0_9(htp_connp_t *connp) {

-1

htp/htp_util.c less more

1975	1975	*/
1976	1976	void fprint_raw_data(FILE stream, const char name, const void *data, size_t len) {
1977	1977	// may happen for gaps
1978		if (data == NULL && len > 0) {
	1978	if (data == NULL) {
1979	1979	fprintf(stream, "\n%s: ptr NULL len %u\n", name, (unsigned int)len);
1980	1980	} else {
1981	1981	fprint_raw_data_ex(stream, name, data, 0, len);